--- - name: Check whether Ironic is enabled hosts: controllers gather_facts: False tags: - introspection-rules tasks: - name: Create controllers group with ironic enabled group_by: key: "controllers_for_introspection_rules_{{ kolla_enable_ironic | bool }}" changed_when: false - name: Ensure introspection rules are registered in Ironic Inspector # Only required to run on a single host. hosts: controllers_for_introspection_rules_True[0] tags: - introspection-rules vars: venv: "{{ virtualenv_path }}/openstacksdk" pre_tasks: - name: Validate OpenStack password authentication parameters fail: msg: > Required OpenStack authentication parameter {{ item }} is {% if item in openstack_auth %}empty{% else %}not present{% endif %} in openstack_auth. Have you sourced the environment file? when: - openstack_auth_type == 'password' - item not in openstack_auth or not openstack_auth[item] with_items: "{{ openstack_auth_password_required_params }}" tags: - config-validation - name: Ensure the openstack client is installed include_role: name: stackhpc.openstack.os_openstackclient vars: os_openstackclient_venv: "{{ venv }}" os_openstackclient_install_epel: "{{ dnf_install_epel }}" os_openstackclient_state: latest os_openstackclient_upper_constraints_file: "{{ pip_upper_constraints_file }}" - name: Retrieve the IPA kernel Glance image UUID shell: > . {{ venv }}/bin/activate && openstack image show '{{ ipa_images_kernel_name }}' -f value -c id changed_when: False register: ipa_kernel_id environment: "{{ openstack_auth_env }}" - name: Retrieve the IPA ramdisk Glance image UUID shell: > . {{ venv }}/bin/activate && openstack image show '{{ ipa_images_ramdisk_name }}' -f value -c id changed_when: False register: ipa_ramdisk_id environment: "{{ openstack_auth_env }}" roles: - role: ironic-inspector-rules os_openstacksdk_install_epel: "{{ dnf_install_epel }}" os_openstacksdk_state: "latest" ironic_inspector_venv: "{{ venv }}" ironic_inspector_upper_constraints_file: "{{ openstacksdk_upper_constraints_file }}" ironic_inspector_auth_type: "{{ openstack_auth_type }}" ironic_inspector_auth: "{{ openstack_auth }}" ironic_inspector_cacert: "{{ openstack_cacert }}" ironic_inspector_interface: "{{ openstack_interface }}" ironic_inspector_rules: "{{ inspector_rules }}" # These variables may be referenced in the introspection rules. inspector_rule_var_ipmi_username: "{{ inspector_ipmi_username }}" inspector_rule_var_ipmi_password: "{{ inspector_ipmi_password }}" inspector_rule_var_redfish_username: "{{ inspector_redfish_username }}" inspector_rule_var_redfish_password: "{{ inspector_redfish_password }}" inspector_rule_var_lldp_switch_port_interface: "{{ inspector_lldp_switch_port_interface_default }}" inspector_rule_var_deploy_kernel: "{{ ipa_kernel_id.stdout }}" inspector_rule_var_deploy_ramdisk: "{{ ipa_ramdisk_id.stdout }}"